2 * Password quality check wrapper
4 * Copyright (C) 2012, Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2012, Milan Broz
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * version 2 as published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 #include "cryptsetup.h"
23 int opt_force_password = 0;
26 #include <pwquality.h>
28 static int tools_check_pwquality(const char *password)
32 pwquality_settings_t *pwq;
34 log_dbg("Checking new password using default pwquality settings.");
35 pwq = pwquality_default_settings();
39 r = pwquality_read_config(pwq, NULL, &auxerror);
41 log_err(_("Cannot check passsword quality: %s\n"),
42 pwquality_strerror(NULL, 0, r, auxerror));
43 pwquality_free_settings(pwq);
47 r = pwquality_check(pwq, password, NULL, NULL, &auxerror);
49 log_err(_("Password quality check failed:\n %s\n"),
50 pwquality_strerror(NULL, 0, r, auxerror));
53 log_dbg("New password libpwquality score is %d.", r);
57 pwquality_free_settings(pwq);
60 #else /* ENABLE_PWQUALITY */
61 static int tools_check_pwquality(const char *password)
65 #endif /* ENABLE_PWQUALITY */
67 int tools_get_key(const char *prompt,
68 char **key, size_t *key_size,
69 size_t keyfile_offset, size_t keyfile_size_max,
71 int timeout, int verify, int pwquality,
72 struct crypt_device *cd)
76 block = tools_signals_blocked();
80 r = crypt_get_key(prompt, key, key_size, keyfile_offset,
81 keyfile_size_max, key_file, timeout, verify, cd);
85 /* Check pwquality for password (not keyfile) */
86 if (pwquality && !opt_force_password && !key_file && !r)
87 r = tools_check_pwquality(*key);